Omni-Channel Fraud Prevention Can Protect Against Social Engineering Attack Surge

RSA is urging financial institutions to take an omni-channel approach to fraud prevention. In a new blog post, the company notes that people can now log into their accounts through multiple different channels using many different devices, and financial institutions need to ensure that all of those channels are protected if they want to guarantee the safety of their customers.

Omni-Channel Fraud Prevention Can Protect Against Social Engineering Attack Surge

Daniel Cohen, RSA’s Head of Anti-Fraud Products and Strategy, addressed those concerns in a recent discussion on The Download. He specifically warned about the prospect of cross channel fraud, describing a scenario in which a cybercriminal uses social engineering to steal someone’s personal information from a call center, and then uses that information to log in via another channel to perform a transaction that would otherwise seem to be legitimate. By the time the financial institution and the customer find out what has happened, it is often too late to recover the stolen funds.

With that in mind, Cohen argues that financial institutions need to be more proactive about fraud prevention. The number of potential access points will only increase as financial institutions open new channels to offer more convenience to their customers, and security teams need to be prepared to deal with that before people start using those channels. The failure to do so will inevitably raise the risk of fraud, as well as the number of security incidents that the organization will have to deal with in the future.   

Of course, RSA is hardly the first company to warn about the threat of social engineering fraud. Organizations like BioCatch, the Electronic Frontier Foundation, and Yubico have all observed that social engineering attacks have increased in the past few weeks as cybercriminals try to take advantage of the disruption caused by the COVID-19 pandemic.

RSA partnered with Yubico at the tail end of 2019 to deliver a FIDO2 hardware device for the RSA SecurID Access platform.

(Originally posted on FindBiometrics)